diff options
| author | Vincent Palatin <vpalatin@chromium.org> | 2014-11-13 08:28:50 -0800 |
|---|---|---|
| committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-12-01 20:30:46 +0000 |
| commit | 902a07b5c8efa59e03e57b3c45f17fc1d17e3125 (patch) | |
| tree | 74d3759bcc147a49ecefbc51e566860ecc1f4ac6 /common/main.c | |
| parent | b41a0632db0abd010331b507cba4b472dd8e2fd8 (diff) | |
| download | chrome-ec-902a07b5c8efa59e03e57b3c45f17fc1d17e3125.tar.gz | |
Add RW firmware signature verification for common runtime
For accessories without software-sync mechanism, add the option to do a
RSA-based signature verification of the Read-Write firmware.
Signed-off-by: Vincent Palatin <vpalatin@chromium.org>
BRANCH=samus
BUG=chrome-os-partner:31192
TEST=enable the configuration on Fruitpie and see the RW firmware
validated and jump to. Tried with good and bad RW images.
Change-Id: I3c886c2cbe17ca9543e19bf8599061c3f9751d4f
Reviewed-on: https://chromium-review.googlesource.com/229594
Reviewed-by: Todd Broch <tbroch@chromium.org>
Commit-Queue: Todd Broch <tbroch@chromium.org>
Tested-by: Todd Broch <tbroch@chromium.org>
Diffstat (limited to 'common/main.c')
| -rw-r--r-- | common/main.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/common/main.c b/common/main.c index 269781f9f6..00bc19df4a 100644 --- a/common/main.c +++ b/common/main.c @@ -21,6 +21,7 @@ #ifdef CONFIG_MPU #include "mpu.h" #endif +#include "rsa.h" #include "system.h" #include "task.h" #include "timer.h" @@ -141,6 +142,14 @@ test_mockable int main(void) keyboard_scan_init(); #endif +#ifdef CONFIG_RWSIG + /* + * Check the RW firmware signature + * and eventually jump to it if it is good. + */ + check_rw_signature(); +#endif + /* Initialize the hook library. This calls HOOK_INIT hooks. */ hook_init(); |